TBNilles/LEANN
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

merge into: TBNilles:fix/drop-python39-support
Branches Tags
TBNilles:main TBNilles:fix/drop-python39-support TBNilles:add-gh-pat-token-to-workflows TBNilles:feature/add-ty-type-checker TBNilles:feature/custom-folder-multi-vector TBNilles:feature/colqwen-integration TBNilles:feat/add-colqwen2.5-support TBNilles:revert-161-feat/multi-vector-timing-and-dataset-improvements TBNilles:feat/multi-vector-timing-and-dataset-improvements TBNilles:fix/pdf-duplicate-processing-175-clean TBNilles:fix/pdf-duplicate-processing-175 TBNilles:embed-launch TBNilles:issue-159-performance-analysis TBNilles:fix/security-eval-slack-mcp-reader-clean TBNilles:fix/security-eval-slack-mcp-reader TBNilles:fix/chunking-token-limit-behavior TBNilles:fix/chunking-token-limit-behavior-clean TBNilles:feature/optimize-ollama-batching TBNilles:gen-time TBNilles:fix/twitter-bookmarks-anchor-link TBNilles:fix-readme TBNilles:security/enhance-hf-model-loading-security TBNilles:feature/mcp-integration-clean TBNilles:feature/mcp-integration-support TBNilles:feature/imessage-rag-support TBNilles:feature/chatgpt-rag-support TBNilles:fix-update TBNilles:feature/claude-rag-support TBNilles:financebench TBNilles:fix/passage-server-signature TBNilles:colqwen TBNilles:fix/ask-cli-example TBNilles:feat/configurable-local-endpoints TBNilles:dynamic-add TBNilles:feat/add-github-templates TBNilles:fix/astchunk-uv-import TBNilles:ast-fork TBNilles:fix-arm64-linux TBNilles:cli_fix TBNilles:vldb-exp TBNilles:chore/ruff-imports-hnsw TBNilles:arch-eval TBNilles:mcp-fix TBNilles:fix-arch-ci TBNilles:fix/update-diskann-mkl-linking TBNilles:feature/auto-register-app-indexes TBNilles:feature/enhanced-cli-list-remove TBNilles:feature/add-gemini-api-support TBNilles:fix/52-include-hidden-flag TBNilles:fix/empty-chunks-cherry-pick TBNilles:docs/update-readmes-mcp-conclusion TBNilles:feature/skypilot-docs TBNilles:debug/clean-state-investigation TBNilles:clean-state-investigation TBNilles:add-macos15-support TBNilles:feat/multiple-input-formats TBNilles:fix-ollama-embedding-dimension-bug TBNilles:fix-mac-intel-build TBNilles:feature/graph-partition-support TBNilles:fix/claude-code-gitignore-support TBNilles:fix/clean-hang-solution TBNilles:feat/claude-code-refine TBNilles:feature/claude-code-research TBNilles:docs/update-contributors TBNilles:config TBNilles:refactor-app TBNilles:feat/diskann-smart-memory TBNilles:fix-macos-abi TBNilles:fix/openai-embeddings-cosine-distance TBNilles:fix/manylinux-compatibility TBNilles:apps TBNilles:perf-build TBNilles:readme-polish TBNilles:datastore-reproduce TBNilles:fix-all TBNilles:debug_diskann_disable_pipe TBNilles:master
TBNilles:v0.3.5 TBNilles:v0.3.4 TBNilles:v0.3.3 TBNilles:v0.3.2 TBNilles:v0.3.1 TBNilles:v0.3.0 TBNilles:v0.2.9 TBNilles:v0.2.8 TBNilles:v0.2.7 TBNilles:v0.2.6 TBNilles:v0.2.5 TBNilles:v0.2.4 TBNilles:v0.2.2 TBNilles:v0.2.1 TBNilles:v0.2.0 TBNilles:v0.1.16 TBNilles:v0.1.15 TBNilles:v0.1.14 TBNilles:v0.1.13 TBNilles:v0.1.12 TBNilles:v0.1.11 TBNilles:v0.1.10 TBNilles:v0.1.9 TBNilles:v0.1.7 TBNilles:v0.1.5 TBNilles:v0.1.2 TBNilles:v0.1.1 TBNilles:v0.1.0
...
pull from: TBNilles:fix/security-eval-slack-mcp-reader
Branches Tags
TBNilles:main TBNilles:fix/drop-python39-support TBNilles:add-gh-pat-token-to-workflows TBNilles:feature/add-ty-type-checker TBNilles:feature/custom-folder-multi-vector TBNilles:feature/colqwen-integration TBNilles:feat/add-colqwen2.5-support TBNilles:revert-161-feat/multi-vector-timing-and-dataset-improvements TBNilles:feat/multi-vector-timing-and-dataset-improvements TBNilles:fix/pdf-duplicate-processing-175-clean TBNilles:fix/pdf-duplicate-processing-175 TBNilles:embed-launch TBNilles:issue-159-performance-analysis TBNilles:fix/security-eval-slack-mcp-reader-clean TBNilles:fix/security-eval-slack-mcp-reader TBNilles:fix/chunking-token-limit-behavior TBNilles:fix/chunking-token-limit-behavior-clean TBNilles:feature/optimize-ollama-batching TBNilles:gen-time TBNilles:fix/twitter-bookmarks-anchor-link TBNilles:fix-readme TBNilles:security/enhance-hf-model-loading-security TBNilles:feature/mcp-integration-clean TBNilles:feature/mcp-integration-support TBNilles:feature/imessage-rag-support TBNilles:feature/chatgpt-rag-support TBNilles:fix-update TBNilles:feature/claude-rag-support TBNilles:financebench TBNilles:fix/passage-server-signature TBNilles:colqwen TBNilles:fix/ask-cli-example TBNilles:feat/configurable-local-endpoints TBNilles:dynamic-add TBNilles:feat/add-github-templates TBNilles:fix/astchunk-uv-import TBNilles:ast-fork TBNilles:fix-arm64-linux TBNilles:cli_fix TBNilles:vldb-exp TBNilles:chore/ruff-imports-hnsw TBNilles:arch-eval TBNilles:mcp-fix TBNilles:fix-arch-ci TBNilles:fix/update-diskann-mkl-linking TBNilles:feature/auto-register-app-indexes TBNilles:feature/enhanced-cli-list-remove TBNilles:feature/add-gemini-api-support TBNilles:fix/52-include-hidden-flag TBNilles:fix/empty-chunks-cherry-pick TBNilles:docs/update-readmes-mcp-conclusion TBNilles:feature/skypilot-docs TBNilles:debug/clean-state-investigation TBNilles:clean-state-investigation TBNilles:add-macos15-support TBNilles:feat/multiple-input-formats TBNilles:fix-ollama-embedding-dimension-bug TBNilles:fix-mac-intel-build TBNilles:feature/graph-partition-support TBNilles:fix/claude-code-gitignore-support TBNilles:fix/clean-hang-solution TBNilles:feat/claude-code-refine TBNilles:feature/claude-code-research TBNilles:docs/update-contributors TBNilles:config TBNilles:refactor-app TBNilles:feat/diskann-smart-memory TBNilles:fix-macos-abi TBNilles:fix/openai-embeddings-cosine-distance TBNilles:fix/manylinux-compatibility TBNilles:apps TBNilles:perf-build TBNilles:readme-polish TBNilles:datastore-reproduce TBNilles:fix-all TBNilles:debug_diskann_disable_pipe TBNilles:master
TBNilles:v0.3.5 TBNilles:v0.3.4 TBNilles:v0.3.3 TBNilles:v0.3.2 TBNilles:v0.3.1 TBNilles:v0.3.0 TBNilles:v0.2.9 TBNilles:v0.2.8 TBNilles:v0.2.7 TBNilles:v0.2.6 TBNilles:v0.2.5 TBNilles:v0.2.4 TBNilles:v0.2.2 TBNilles:v0.2.1 TBNilles:v0.2.0 TBNilles:v0.1.16 TBNilles:v0.1.15 TBNilles:v0.1.14 TBNilles:v0.1.13 TBNilles:v0.1.12 TBNilles:v0.1.11 TBNilles:v0.1.10 TBNilles:v0.1.9 TBNilles:v0.1.7 TBNilles:v0.1.5 TBNilles:v0.1.2 TBNilles:v0.1.1 TBNilles:v0.1.0

1 Commits
fix/drop-p ... fix/securi

Author SHA1 Message Date
aakash
697d247698 fix security vulnerability: replace eval() 2025-11-13 11:12:31 -08:00
1 changed files with 5 additions and 4 deletions
Expand all files Collapse all files

9
apps/slack_data/slack_mcp_reader.py
View File

@@ -7,6 +7,7 @@ for indexing in LEANN. It supports various Slack MCP server implementations and
flexible message processing options. flexible message processing options.
""" """
import ast
import asyncio import asyncio
import json import json
import logging import logging
@@ -146,16 +147,16 @@ class SlackMCPReader:
match = re.search(r"'error':\s*(\{[^}]+\})", str(e)) match = re.search(r"'error':\s*(\{[^}]+\})", str(e))
if match: if match:
try: try:
error_dict = eval(match.group(1)) error_dict = ast.literal_eval(match.group(1))
except (ValueError, SyntaxError, NameError): except (ValueError, SyntaxError):
pass pass
else: else:
# Try alternative format # Try alternative format
match = re.search(r"Failed to fetch messages:\s*(\{[^}]+\})", str(e)) match = re.search(r"Failed to fetch messages:\s*(\{[^}]+\})", str(e))
if match: if match:
try: try:
error_dict = eval(match.group(1)) error_dict = ast.literal_eval(match.group(1))
except (ValueError, SyntaxError, NameError): except (ValueError, SyntaxError):
pass pass
if self._is_cache_sync_error(error_dict): if self._is_cache_sync_error(error_dict):